Order now


  • Who said a Password Manager is only for Passwords?22 Dec. 2016

    A password manager's core function is (unsurprisingly) to store and manage account passwords in a secure and flexible manner. Their workplace utility is obvious; companies have multiple services and accounts who's access permissions must be managed across different projects and teams that are often in flux. Reliable simultaneous access to...

    Read more

    Security Basics – The Lesser-Known Threat Vectors20 Dec. 2016

    The emergence of ever more sophisticated malware produced by teams of cybercriminals — and the repeated mass breaches they've produced — has put the perils of remote data exfiltration in the headlines. Unfortunately, this has overshadowed many more traditional attack vectors that pose equal or greater threat, as they're focused...

    Read more

    On Sharing Passwords01 Dec. 2016

    Storing passwords is one problem, but far too often, those passwords also need to be communicated to a third party (say, when provisioning an account for them) – a dangerous affair: Bit-for-bit, no data leak is more damaging than a compromised password, so sending them into the wild, bereft of...

    Read more

    What Makes A Password Good?21 Nov. 2016

    Criterion of “good” passwords has long been defined by confusing rules, outdated advice, and recently by those annoying colored “password strength” bars on websites. Ultimately, understanding password strength requires you understand what you're defending against. Passwords have to be stored in a database by the site that requires them of...

    Read more

    PAVE – The Next Generation Password Manager17 Nov. 2016

    TAO Digital is proud to announce our latest product: the PAVE enterprise-level password manager. Five years in the making, PAVE combines the security of a locally hosted password manager with the flexibility and convenience of cloud-based solutions. Easily and efficiently manageable in all iterations, it offers several different deployment architectures...

    Read more

    Roadmap17 Nov. 2016

    Obviously, 1.0 is just the start for PAVE. We feel that it has enough features to be useful to a broad range of customers, but obviously we cannot cover every possible workflow with the initial release. Windows server support Technically both PAVE and the key server already execute under Windows,...

    Read more

    Is PAVE right for me?08 Nov. 2016

    Most likely yes - PAVE works for small teams and enterprises both and is cost-competitive with cloud solutions on any scale. Remote access (with associated web/mobile apps) is supported and hardware/support costs are nigh nonexistent (for small teams) or light (for enterprise deployment architectures.) It offers the full feature set...

    Read more

    FreePAVE: A Quality Freeware Password Manager10 Oct. 2016

    FreePAVE: A Quality Freeware Password Manager TAO Digital is proud to announce FreePAVE: a multiplatform personal password manager that's free to download. FreePAVE serves as a demo for our enterprise password manager, showcasing our user experience and front-end features - but it also fills a crucial gap in current freeware...

    Read more

    Go: Four weeks later (Building a password manager, part 2)30 Sep. 2016

    After the client of our password manager is done in Electron, the next step is the server side. Node.js all the things? With the client made with electron/node.js, why not use it for the server as well? After all, that’s the whole idea behind Node. Coming more from the sysadmin...

    Read more

    Electron: Why? Why not? (Building a password manager, part 1)30 Sep. 2016

    Electron is a framework to build “desktop” applications using Chrome(/ium) and Node.js, probably most notably fake jerseys used by the Atom editor (for which it was created). It does, however, regularly attract criticism on social media, so I figured we’d share our experiences with it, and why we fake jerseys...

    Read more
  • PAVE password manager: Threat model (Building a password manager, part 3)30 Sep. 2016

    “What happens if our password manager is hacked?” is an easy question, but answering it is rather difficult – “getting hacked” can mean many things, and hiding behind “oh, we have encryption” is not the answer users deserve. This article is a rough overview over what attacks we considered, and...

    Read more